FEDORA-MODULAR-2020-36f52d4e8f — security update for cri-o:1.14

stable

cri-o-1.14-3120200226174119.f636be4b

FEDORA-MODULAR-2020-36f52d4e8f created by lsm5 5 years ago for Fedora 31 Modular

Resolves: CVE-2020-8945

This update has been submitted for testing by lsm5.

5 years ago

This update's test gating status has been changed to 'waiting'.

5 years ago

This update's test gating status has been changed to 'ignored'.

5 years ago

lsm5 edited this update.

5 years ago

lsm5 edited this update.

5 years ago

lsm5 edited this update.

5 years ago

lsm5 edited this update.

5 years ago

This update has been pushed to testing.

5 years ago

This update can be pushed to stable now if the maintainer wishes

5 years ago

This update has been submitted for stable by bodhi.

5 years ago

This update has been pushed to stable.

5 years ago

Please login to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

Module

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

5 years ago

in testing

5 years ago

in stable

5 years ago

modified

5 years ago

Builds

cri-o-1.14-3120200226174119.f636be4b

BZ#1740730 cri-o 2:1.14.9-1.module_f30+5132+c35a5687 does not start

BZ#1743017 crio1.14 does not start

BZ#1754170 The crio command fails with: 'Invalid character(s) found in prerelease "module_f30"'

BZ#1792796 CVE-2020-1702 containers/image: Container images read entire image manifest into memory

BZ#1795829 CVE-2020-1702 cri-o: containers/image: Container images read entire image manifest into memory [fedora-31]

BZ#1795838 CVE-2020-8945 proglottis/gpgme: Use-after-free in GPGME bindings during container image pull

BZ#1802900 CVE-2020-8945 cri-o:1.14/cri-o: proglottis/gpgme: Use-after-free in GPGME bindings during container image pull [fedora-all]

cri-o-1.14-3120200226174119.f636be4b

Automated Test Results

ignored